Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/4c9206-95cb-4324-ab88-1e6577ca172d/1/7iF3o9tD7XsEQVcUdRli359AXdA.roa
File: 7iF3o9tD7XsEQVcUdRli359AXdA.roa (raw, json)
Hash identifier: Mme3ttQaVI+1fh9gs6zCbnAdKcvrTp3T57iYCAtr1Hw=
Subject key identifier: EE:21:77:A3:DB:43:ED:7B:04:41:57:14:75:19:62:DF:9F:40:5D:D0
Certificate issuer: /CN=e1df5852af905b415fdf53e32876f57a74d6c1f0
Certificate serial: A6DA49
Authority key identifier: E1:DF:58:52:AF:90:5B:41:5F:DF:53:E3:28:76:F5:7A:74:D6:C1:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4d9YUq-QW0Ff31PjKHb1enTWwfA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/4c9206-95cb-4324-ab88-1e6577ca172d/1/7iF3o9tD7XsEQVcUdRli359AXdA.roa
Signing time: Sat 01 Jan 2022 00:52:17 +0000
ROA not before: Sat 01 Jan 2022 00:52:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8220
IP address blocks: 90.152.64.0/19 maxlen: 19
95.175.208.0/20 maxlen: 20
90.152.64.0/18 maxlen: 18
212.36.32.0/19 maxlen: 19
90.152.96.0/19 maxlen: 19
90.152.0.0/18 maxlen: 18
95.175.192.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10934857 (0xa6da49)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1df5852af905b415fdf53e32876f57a74d6c1f0
Validity
Not Before: Jan 1 00:52:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ee2177a3db43ed7b04415714751962df9f405dd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6a:41:19:82:83:82:64:87:97:44:a1:d7:99:
ed:cf:06:d5:72:c0:9e:89:b2:31:39:67:44:f3:32:
b2:f2:59:63:37:a6:e0:67:3f:3a:6e:88:70:e2:74:
da:34:76:59:f9:5e:fd:25:ce:16:fc:8d:47:cb:82:
de:fa:e2:17:12:68:d6:b3:4a:00:fd:e8:b1:3b:84:
6b:6e:af:9d:c5:ad:d6:c4:33:bc:be:2a:2b:d7:81:
7b:0e:15:d1:ba:84:b6:51:1d:84:52:5e:5a:f8:ba:
c9:02:e8:1c:86:9d:22:db:87:d1:a4:07:e6:f0:43:
b0:b3:2f:19:63:a7:86:13:04:45:97:fd:ab:b0:94:
9f:ae:b9:f4:ef:a2:06:1c:f1:f5:bb:17:04:91:ee:
1b:a5:93:26:81:65:d9:4e:1d:4c:e3:ac:5c:6a:e0:
4f:b8:2b:7a:54:c4:97:40:e6:d5:15:ae:9d:f9:75:
28:fc:6f:d9:f3:5f:b6:30:1a:a7:19:1d:84:b8:0c:
ce:d3:e9:d3:13:56:68:3c:51:01:d4:76:19:0b:6e:
57:b5:7f:01:54:6e:fc:d2:98:52:b7:29:80:4e:a6:
6d:49:60:dc:0c:6b:27:fd:f0:08:e7:08:08:49:dc:
e2:c0:84:33:97:1e:11:67:8b:a2:df:e1:65:70:86:
10:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:21:77:A3:DB:43:ED:7B:04:41:57:14:75:19:62:DF:9F:40:5D:D0
X509v3 Authority Key Identifier:
keyid:E1:DF:58:52:AF:90:5B:41:5F:DF:53:E3:28:76:F5:7A:74:D6:C1:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d9YUq-QW0Ff31PjKHb1enTWwfA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/4c9206-95cb-4324-ab88-1e6577ca172d/1/7iF3o9tD7XsEQVcUdRli359AXdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/4c9206-95cb-4324-ab88-1e6577ca172d/1/4d9YUq-QW0Ff31PjKHb1enTWwfA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
90.152.0.0/17
95.175.192.0/19
212.36.32.0/19
Signature Algorithm: sha256WithRSAEncryption
32:c1:ed:3a:7f:fd:ce:1d:71:2c:86:9a:28:10:6b:47:ae:3a:
b8:09:c4:41:7d:22:95:f2:33:66:29:33:7f:0b:61:f4:65:76:
37:3c:8e:5b:47:ce:9d:c4:9a:89:4b:90:27:40:21:f1:31:83:
bf:06:ee:aa:4a:43:06:f6:ef:c5:e3:6b:6e:1d:da:9a:7c:b5:
1e:42:89:1b:99:6e:02:f7:fe:ce:16:a8:72:f7:ab:81:8e:da:
ac:3c:54:90:c6:5c:f4:92:e5:45:0f:20:3d:cd:0c:c3:ab:26:
e4:c0:79:1b:de:74:e8:b1:1a:c8:1b:5d:c1:dd:7b:b6:84:67:
12:18:09:0b:11:9f:e9:64:07:eb:b3:08:29:f8:a2:89:8d:c0:
e4:7b:34:c9:b3:01:a4:15:68:27:94:76:1b:fa:1d:53:74:1e:
85:ea:83:c2:05:51:93:dc:2c:ec:b9:08:bb:4d:97:07:06:a3:
fc:8b:58:2c:ea:72:c7:6a:11:c2:2f:1b:ee:9b:87:f1:c3:7e:
bf:e3:92:46:c0:d9:59:78:d1:44:3d:8a:d4:de:eb:9f:70:c4:
19:7c:19:ff:bd:1f:d3:5e:d4:30:cc:a1:00:5a:7f:75:37:9e:
24:c5:8e:08:4e:5b:3f:a2:68:2a:2e:58:34:e0:6e:44:8b:7b:
b0:9d:a4:51
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEAKbaSTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MWRmNTg1MmFmOTA1YjQxNWZkZjUzZTMyODc2ZjU3YTc0ZDZjMWYwMB4XDTIyMDEw
MTAwNTIxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWUyMTc3YTNkYjQz
ZWQ3YjA0NDE1NzE0NzUxOTYyZGY5ZjQwNWRkMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ9qQRmCg4Jkh5dEodeZ7c8G1XLAnomyMTlnRPMysvJZYzem
4Gc/Om6IcOJ02jR2Wfle/SXOFvyNR8uC3vriFxJo1rNKAP3osTuEa26vncWt1sQz
vL4qK9eBew4V0bqEtlEdhFJeWvi6yQLoHIadItuH0aQH5vBDsLMvGWOnhhMERZf9
q7CUn6659O+iBhzx9bsXBJHuG6WTJoFl2U4dTOOsXGrgT7grelTEl0Dm1RWunfl1
KPxv2fNftjAapxkdhLgMztPp0xNWaDxRAdR2GQtuV7V/AVRu/NKYUrcpgE6mbUlg
3AxrJ/3wCOcICEnc4sCEM5ceEWeLot/hZXCGEAsCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTuIXej20PtewRBVxR1GWLfn0Bd0DAfBgNVHSMEGDAWgBTh31hSr5BbQV/f
U+ModvV6dNbB8DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRkOVlVcS1RVzBGZjMxUGpLSGIxZW5UV3dmQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmEvNGM5MjA2LTk1Y2ItNDMyNC1hYjg4LTFlNjU3N2NhMTcyZC8x
LzdpRjNvOXREN1hzRVFWY1VkUmxpMzU5QVhkQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmEv
NGM5MjA2LTk1Y2ItNDMyNC1hYjg4LTFlNjU3N2NhMTcyZC8xLzRkOVlVcS1RVzBG
ZjMxUGpLSGIxZW5UV3dmQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEB1qYAAMEBV+vwAMEBdQkIDANBgkq
hkiG9w0BAQsFAAOCAQEAMsHtOn/9zh1xLIaaKBBrR646uAnEQX0ilfIzZikzfwth
9GV2NzyOW0fOncSaiUuQJ0Ah8TGDvwbuqkpDBvbvxeNrbh3amny1HkKJG5luAvf+
zhaocvergY7arDxUkMZc9JLlRQ8gPc0Mw6sm5MB5G9506LEayBtdwd17toRnEhgJ
CxGf6WQH67MIKfiiiY3A5Hs0ybMBpBVoJ5R2G/odU3QeheqDwgVRk9ws7LkIu02X
Bwaj/ItYLOpyx2oRwi8b7puH8cN+v+OSRsDZWXjRRD2K1N7rn3DEGXwZ/70f017U
MMyhAFp/dTeeJMWOCE5bP6JoKi5YNOBuRIt7sJ2kUQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:46 2023 by rpki-client on console-fra.rpki-client.org